APPARATUS AND METHOD FOR DETECTING NETWORK ATTACK BASED ON VISUAL DATA ANALYSIS
First Claim
1. An apparatus for detecting a network attack, comprising:
- a traffic image generator for generating a traffic image using traffic information and additional IP information extracted from the traffic information;
a network attack detector for comparing similarities between the traffic image and a previously generated traffic image based on a predetermined similarity threshold to detect the presence of the network attack;
a network attack analyzer for analyzing the traffic image at a time when the network attack is detected to detect network attack information and pattern information of the network attack; and
a representation unit for visualizing the network attack information and the pattern information of the network attack.
1 Assignment
0 Petitions
Accused Products
Abstract
An apparatus for detecting a network attack includes a traffic image generator for generating a traffic image using traffic information and additional IP information extracted from the traffic information; a network attack detector for comparing similarities between the traffic image and a previously generated traffic image based on a predetermined similarity threshold to detect the presence of the network attack; and a network attack analyzer for analyzing the traffic image at a time when the network attack is detected to detect network attack information and pattern information of the network attack. A representation unit for visualizing the network attack information and the pattern information of the network attack.
36 Citations
20 Claims
-
1. An apparatus for detecting a network attack, comprising:
-
a traffic image generator for generating a traffic image using traffic information and additional IP information extracted from the traffic information; a network attack detector for comparing similarities between the traffic image and a previously generated traffic image based on a predetermined similarity threshold to detect the presence of the network attack; a network attack analyzer for analyzing the traffic image at a time when the network attack is detected to detect network attack information and pattern information of the network attack; and a representation unit for visualizing the network attack information and the pattern information of the network attack. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 15)
-
-
12. A method for detecting a network attack, comprising:
-
generating a traffic image using traffic information and additional IP information extracted from the traffic information; comparing similarities between the traffic image and a previously generated traffic image based on a predetermined similarity threshold to detect the presence of the network attack; analyzing the traffic image to detect network attack information and pattern information of the network attack; and visualizing the network attack information and the pattern information of the network attack. - View Dependent Claims (13, 14, 16, 17, 18, 19, 20)
-
Specification